JaffaCakes118_6408cd34411157cdb079691bdc14f30a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_6408cd34411157cdb079691bdc14f30a
Size

188KB
MD5

6408cd34411157cdb079691bdc14f30a
SHA1

4b2a1083dbbd901188ec7a9dd6c4147a51d95507
SHA256

70957925f0a9ccf1b05c8d01652b9c89f6f9321e0f07a5114f626c20f3319db1
SHA512

aab79be91904e353a64d41a7e31ad63fc4ba7f8defea817715e0c5b7c5b96c11df8c065be0f477b51830d7d625c4365aa6a2c3cc94080588634aa307c05c51e6
SSDEEP

3072:ceKxgm5VFtaNQzE/GOJxUcPd1FAWt4ujhSa5qlMEthSP6DVMg/gx77q1gVXQXata:ceOgA0Kz5OJLPd1yWqaChBDVMdx77q1/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6408cd34411157cdb079691bdc14f30a

Files

JaffaCakes118_6408cd34411157cdb079691bdc14f30a
.exe windows:4 windows x86 arch:x86

59d2828443eda938849ed2de22bc19be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidCreate

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

ole32

CoInitialize
StringFromGUID2
CoCreateInstance
CoCreateGuid
CoUninitialize
CoSetProxyBlanket

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

user32

GetClassLongA
MessageBoxW

kernel32

ExitProcess
WriteConsoleW
GetUserDefaultLCID
HeapCreate
GetStartupInfoA
GetSystemTimeAsFileTime
GetLocaleInfoA
GetEnvironmentStrings
LoadLibraryA
GetVersionExA
GetTickCount
WriteConsoleA
SetFilePointer
GetThreadPriority
EnterCriticalSection
GetStdHandle
GetProcAddress
HeapReAlloc
GetStringTypeW
GetCurrentThreadId
FlushFileBuffers
WideCharToMultiByte
GetCurrentProcessId
IsValidLocale
EnumSystemLocalesA
RtlUnwind
GetConsoleCP
GetModuleFileNameW
SetCommTimeouts
CreateFileA
CloseHandle
GetCurrentDirectoryW
HeapSize
HeapAlloc
VirtualFree
VirtualAlloc
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
HeapDestroy
GetCPInfo
SetLastError
IsDebuggerPresent
FreeEnvironmentStringsA
Sleep
InterlockedIncrement
LCMapStringA
EnumResourceNamesA
TlsSetValue
InitializeCriticalSection
TlsAlloc
GetCurrentProcess
WriteFile
GetLocaleInfoW
IsValidCodePage
QueryPerformanceCounter
GetCommandLineA
ExitProcess
GetProcessHeap
GetModuleFileNameA
RaiseException
GetConsoleMode
GetOEMCP
GetEnvironmentStringsW
UnhandledExceptionFilter
GetConsoleOutputCP
ReadFile
DeleteCriticalSection
GlobalAlloc
SetStdHandle
GetACP
HeapFree
SetHandleCount
MultiByteToWideChar
SetEndOfFile
GetStringTypeA
LCMapStringW
TlsGetValue
GetFileType
GetLastError
InterlockedDecrement
GetFullPathNameW
TerminateProcess
GetModuleHandleA
TlsFree
LeaveCriticalSection
GetFullPathNameA

shlwapi

SHDeleteKeyW

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59d2828443eda938849ed2de22bc19be

Headers

File Characteristics

Imports

rpcrt4

shell32

ole32

advapi32

user32

kernel32

shlwapi

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 31KB - Virtual size: 31KB

.crt Size: 512B - Virtual size: 92KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 31KB - Virtual size: 31KB

.crt
Size: 512B - Virtual size: 92KB